Doxxing is an attack that attempts to damage people’s image and reputation by publishing personal information from the Internet.
The advent of technology has changed society and while it brings great benefits, it is also a source of new forms of crime.
Just as you take precautions in your personal life, you need to take the necessary steps to protect yourself from cybercriminals in the virtual world because the risks are real.
To do this, it is crucial that you are aware of the various dangers you may face. In this article, we will explain what doxxing is and how to prevent it.
What is doxxing?
Doxxing is an attack on a person’s privacy that consists of collecting personal information about them and publishing it without their consent, with the intention of harming their image and damaging their professional or personal career.
The term is derived from the two words “dropping docs”, which refers to the act of leaking documents.
This attack on an individual can be accomplished by gathering information through database hacking, social engineering or phishing.
People who doxxing (doxxers) have different profiles. They can be hackers who seek to humiliate or destroy the image of a public figure or they can focus on exposing the identities of hackers who commit malicious acts.
In its early days, doxxing was used by hackers to air their competitors’ dirty laundry, but it has evolved to harm all kinds of profiles.
Subscribe today to SMOWL’s weekly newsletter!
Discover the latest trends in eLearning, technology, and innovation, alongside experts in assessment and talent management. Stay informed about industry updates and get the information you need.
Simply fill out the form and stay up-to-date with everything relevant in our field.
How does doxxing work?
Now that you know doxxing meaning, it is important to know that it can be done in a number of different ways.
The most common ones are listed below:
- Surveillance of a user of social platforms. This is done with the intention of obtaining personal information directly or through inadequate privacy settings.
- Finding out the IP (Internet Protocol) address. This allows the stalker to trick the victim’s service provider (doxxed) to obtain personal information.
- Performing a reverse lookup on a phone number. This gives doxxers access to information such as a person’s address. Another vulnerability can be a web domain. Performing a Whois search on an unprotected domain can reveal who manages a website.
- Accessing a detailed picture of a person through their profiles on networks to try to reveal their true identity. The doxxer can also buy the information from a data broker, people who specialize in reconstructing a person’s identity through their profiles and interactions on social networks.
- Using phishing. As we have seen, they do this to gain the victim’s trust by pretending to be a trusted provider and obtaining sensitive information such as passwords, bank accounts, etc.
Target data in the doxxing technique
The data targeted by the person who wants to doxxing someone is of different nature.
It depends on how far they want to go or what their ultimate goal is, for example, to reveal someone’s identity behind a pseudonym, publish a person’s home address, etc.
To give you a better idea of the nature of this data, here are some examples:
- Phone number.
- Home address.
- Credit card or bank account information.
- Social profile access information.
- Personal photographs.
- Academic or health records.
- Internet browsing history.
- Confidential company information such as contracts, commissions, etc.
Is doxxing Illegal?
If you are wondering if doxxing is illegal, the answer is not simple. In the United States, doxxing is a crime if the information used to harm a person was obtained illegally or if it leads to a crime such as cyberharassment.
In other words, while doxxing someone is considered an unethical act, it is only a crime if it originates from or results in an illegal act.
To give an example of illegal information gathering, misleading a government employee to obtain information is considered a federal crime.
However, it is important to note that most of the information used by the doxxer to attack an individual is public information available on the Internet, so it is essential that you manage your digital fingerprint accordingly.
How can you prevent doxxing?
While you can never be 100 % safe from becoming a victim of doxxing, it is possible to take a number of digital security measures to protect yourself.
The first step is to adopt good digital hygiene habits, such as keeping your software and applications up to date, enabling multi-factor authentication on the platforms you use and, of course, using software from trusted vendors.
We have compiled some additional recommendations in the points below:
- Remove your information from the Internet. You can do this by hiring a specialized company or manually by deactivating outdated profiles and properly configuring the privacy settings of your browser, applications, social networks, etc.
- Properly manage the cookie settings of the sites you visit. Leave only those that are absolutely necessary on sites you trust.
- Use encrypted messaging platforms whenever possible and avoid text messaging on your phone.
- Do not click on links or download files from emails that you do not trust. You mustn’t succumb to messages that ask you to take quick action, no matter how persuasive they may be.
- Do not connect to free Wi-Fi networks that do not offer security guarantees and do not connect to your accounts with devices that you do not own.
- Use strong passwords that are not related to you, to your preferences, your personal data or any information that can be derived from you on the Internet. You can use a trusted password manager that generates them randomly.
- Be careful with QR codes, whose use is growing and which can, in many cases, lead to malicious websites.
- Get in the habit of using your browser’s private browsing mode and regularly clear your history and cookies.
- Enhance your security by using a virtual private network (VPN).
Finally, remember that the best way to protect yourself is to apply the precautionary principle to all your digital interactions.
At Smowltech, we specialize in developing secure online monitoring solutions to prevent fraud such as identity theft, browser blocking or computer monitoring.
Consult our proctoring plans and request a free demo so we can explain in detail the solutions we can offer you to protect your company and your users by creating secure environments.
Download now!
8 interesting
facts
about proctoring
Discover everything you need about online proctoring in this book to know how to choose the best software.
Fill out the form and download the guide now.
And subscribe to the weekly SMOWL newsletter to get exclusive offers and promotions.
You will discover all the trends in eLearning, technology, innovation, and proctoring at the hands of evaluation and talent management experts.